Tweets
You blocked @skeptic_fx
Nafeez Retweeted
Reminder: if you learned something valuable from a person, whether a talk they gave, a blog, or just stalking their twitter: let them know
So much used to reading minified JS code, doing nasty stuff with postmessage. ;)
The force is really strong towards a TypeScript future.
Nafeez Retweeted
By using a specially crafted input, it is possible under the right conditions to trick ImageMagick into processing images, rather than | sh
The Atom text editor has improved a lot from its early beta days. It's stable and is almost replacing IntelliJ for me. Try material-ui theme.
Nafeez Retweeted
It's not that C is hard. It's that paper cuts won't stop bleeding. Small mistakes are hard to find and test for.
Nafeez Retweeted
The secret goal of CSP is to become so complicated that people give up and just fix their apps' XSS problems the right way.
They killed CSP Whitelists and are now back to hacking around content exfiltration attacks. Happy New Year 2012. #disappointed
Nafeez Retweeted
Bypassing CSP script nonces via the browser cache: http://sebastian-lekies.de/csp/attacker.php …. Nonces are incompatible with most caching mechanisms. #CSP
Everyone should read this article and understand the transitive trust that strict-dynamic introduces: http://blog.kotowicz.net/2016/06/reflections-on-trusting-csp.html … It's a gem!
Why call it Strict-CSP when it cannot prevent most kinds of DOM XSS? https://csp.withgoogle.com/docs/strict-csp.html …
With its transitive trust model - It's wrongly named and is an example of why we make it hard for security engineers. Devs get a false hope.
CSP 'strict-dynamic' is a nightmare if your app is modern and has too much of DOM manipulation.
Nafeez Retweeted
More password manager bugs out today and more due out soon. I'm not going to look at more, the whole industry is crazy, you're on your own.
Hookish! now has some experimental JavaScript static analyzer for security. Just right click and scan all JS files. pic.twitter.com/zSTnbwKaOZ
Nafeez Retweeted
She sells C shells by the back door. The shells she sells are C shells for sure. #InfosecTongueTwister
Nafeez Retweeted
wrote a thing about visiting Chelsea Manning in prison at Fort Leavenworth: https://zyan.scripts.mit.edu/blog/xychelsea/
DomStorm : jQuery UI .dialog() closeText property XSS . https://domstorm.skepticfx.com/modules/?id=57969fa0b7f59c84de8b45a9 … #domstrom
Any idea how to pass variables to template strings when $, (, ), = are blocked? alert`dynamic_var_here` @cgvwzq @garethheyes @0x6D6172696F
